Indra's Net : Services : Web Services : Development : Security Solutions

Security Solutions

Security and privacy remain the primary concern of online consumers, which is why Indra's Net requires the use of Secure Server IDs (also known as SSL IDs or server certificates) from VeriSign, Inc. for sites that run live credit card transactions. We also strongly encourage the use of these Secure Server IDs on any Web site that collects private information from end users, such as social security numbers or demographic information, regardless of whether or not the site is doing any live financial transactions.

How Does Web Security Work?

Imagine a very unscrupulous, fictitious company doing business on the Web as Micros0ft (with a zero where the second "o" would be in the legitimate company, Microsoft Corporation.) They could conceivably register the domain micros0ft.com, and, downloading any of the countless Microsoft logos from around the Web, set up an electronic storefront, posing as the actual Microsoft. Unsuspecting customers might inadvertently land on the knock-off micros0ft.com, and submit their credit card numbers to them without ever knowing that it wasn't the real Microsoft.

To avoid this scenario, the assurance of security is accomplished by third-party authentication of your Web site. (VeriSign, Inc. has been the long-established leader in this business.) The third-party does the technological equivalent of a "background check" to determine that the Web site is, in fact, run by the organization who says they run it. Privacy is ensured by the use of SSL (which stands for Secure Socket Layer), an encryption technology which encodes the data you send to a remote Web site to render it unreadable to anyone intercepting the transmission (which is, in itself, highly unlikely anyway).

Although something like our micros0ft.com example is highly unlikely to happen in this day and age (online trademark protection has advanced quite a bit from the early days of the Web), the security of entity authentication and transmission privacy are still necessities. Today's Web consumers are far more savvy than they were in the past, and most people are loathe to submit their credit card numbers to Web sites without these assurances, even to well-known organizations. And without SSL authentication, a visitor attempting to send information to your otherwise-secure site would be presented with a pop-up warning box indicating that your site did not have a proper Secure Server ID, usually dissuading even the most hearty online consumers. Without the capability to provide security and privacy for your visitors, they may erroneously suspect you of being fradulent, and decide not to use your services.

With a VeriSign Secure Server ID place, your visitors can rest assured that doing business at your site is secure and private, encouraging trust and repeat business!

Pricing

VeriSign Secure Server IDs are renewed yearly; currently VeriSign's annual fee for 40-bit ID is $250. (Additional fees will apply to 128-bit IDs.) Indra's Net charges an additional one-time fee of $300 to set up secure services for your site, which includes assistance with applying for and acquiring your VeriSign Secure Server ID, installation, and coordination of yearly renewals. This $300 setup fee is waived with the purchase of any Indra's Net Electronic Commerce solution of $2500 or more.

SSL-enabled sites follow the Secure Web Hosting fee schedule for monthly hosting charges.

Other Security Services

Indra's Net also provides consulting on a host of other security-related issues, such as firewalls, intranets, and PGP, and is an authorized reseller of all VeriSign security products.